![]() ![]() It should just show it like the highlighted section below.Īnyone know a secret -option to make the Serial Number display ? Would be totally sweet if I did not have to do this second step. Is there a way to get it to return the Serial number (or thumbprint) of the server certificate?Ĭurrently, I have to cut and past the returned Base64-encoded certificate into another file and open it in a second step to see the serial number of the certificate the Server is using. Issuer= /C=US/O=GeoTrust Inc./CN=GeoTrust Global CAĢ: subject= /C=US/O=GeoTrust Inc.I use echo GET | openssl s_client -connect -state to troubleshoot https handshakes. If you want to verify each entry in the file, you can use this script to show the chain of trust for a local certificate: ~ % ssl_chain.sh google.crtĠ: subject= /C=US/ST=California/L=Mountain View/O=Google Inc/CN=issuer= /C=US/O=Google Inc/CN=Google Internet Authority G2ġ: subject= /C=US/O=Google Inc/CN=Google Internet Authority G2 The verify command you listed will fail if your system cannot validate the chain (example: you are missing an intermediate certificate or the root is not trusted), showing an error message like:Įrror 20 at 0 depth lookup:unable to get local issuer certificate Issuer= /C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2īut that doesn't indicate if the certificate includes any intermediate certificates or the full chain of trust. Subject= /C=US/ST=Utah/L=SLC/O=My Organization/CN=my. For local certificates you can see the subject and direct issuer using: openssl x509 -noout -subject -issuer -in test.crt
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |